CVE-2024-37151

HIGH Year: 2024
CVSS v3 Score
7.5
High
Weakness Type
CWE-754
View all →

Vulnerability Description

Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. Mishandling of multiple fragmented packets using the same IP ID value can lead to packet reassembly failure, which can lead to policy bypass. Upgrade to 7.0.6 or 6.0.20. When using af-packet, enable `defrag` to reduce the scope of the problem.

Related Vulnerabilities

CVE-2016-8209

HIGH
CVSS:7.5(High)

Improper checks for unusual or exceptional conditions in Brocade NetIron 05.8.00 and later releases up to and including 06.1.00, when the Management Module is continuously scanned on port 22, may allo...

CWE-7542016

CVE-2017-10894

HIGH
CVSS:7.5(High)

StreamRelay.NET.exe ver2.14.0.7 and earlier allows remote attackers to cause a denial of service via unspecified vectors.

CWE-7542017

CVE-2017-10895

HIGH
CVSS:7.5(High)

sDNSProxy.exe ver1.1.0.0 and earlier allows remote attackers to cause a denial of service via unspecified vectors.

CWE-7542017

CVE-2017-11144

HIGH
CVSS:7.5(High)

In PHP before 5.6.31, 7.x before 7.0.21, and 7.1.x before 7.1.7, the openssl extension PEM sealing code did not check the return value of the OpenSSL sealing function, which could lead to a crash of t...

CWE-7542017

CVE-2017-12119

HIGH
CVSS:7.5(High)

An exploitable unhandled exception vulnerability exists in multiple APIs of CPP-Ethereum JSON-RPC. Specially crafted JSON requests can cause an unhandled exception resulting in denial of service. An a...

CWE-7542017

CVE-2017-17083

HIGH
CVSS:7.5(High)

In Wireshark 2.4.0 to 2.4.2 and 2.2.0 to 2.2.10, the NetBIOS dissector could crash. This was addressed in epan/dissectors/packet-netbios.c by ensuring that write operations are bounded by the beginnin...

CWE-7542017